public TimeStampToken(
CmsSignedData signedData)
{
this.tsToken = signedData;
if (!this.tsToken.SignedContentTypeOid.Equals(PkcsObjectIdentifiers.IdCTTstInfo.Id))
{
throw new TspValidationException("ContentInfo object not for a time stamp.");
}
ICollection signers = tsToken.GetSignerInfos().GetSigners();
if (signers.Count != 1)
{
throw new ArgumentException("Time-stamp token signed by "
+ signers.Count
+ " signers, but it must contain just the TSA signature.");
}
IEnumerator signerEnum = signers.GetEnumerator();
signerEnum.MoveNext();
tsaSignerInfo = (SignerInformation)signerEnum.Current;
try
{
CmsProcessable content = tsToken.SignedContent;
MemoryStream bOut = new MemoryStream();
content.Write(bOut);
this.tstInfo = new TimeStampTokenInfo(
TstInfo.GetInstance(
Asn1Object.FromByteArray(bOut.ToArray())));
Asn1.Cms.Attribute attr = tsaSignerInfo.SignedAttributes[
PkcsObjectIdentifiers.IdAASigningCertificate];
if (attr == null)
{
throw new TspValidationException(
"no signing certificate attribute found, time stamp invalid.");
}
SigningCertificate signCert = SigningCertificate.GetInstance(
attr.AttrValues[0]);
this.certID = EssCertID.GetInstance(signCert.GetCerts()[0]);
}
catch (CmsException e)
{
throw new TspException(e.Message, e.InnerException);
}
}
public TimeStampToken(CmsSignedData signedData)
{
tsToken = signedData;
if (!tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo))
{
throw new TspValidationException("ContentInfo object not for a time stamp.");
}
ICollection signers = tsToken.GetSignerInfos().GetSigners();
if (signers.Count != 1)
{
throw new ArgumentException("Time-stamp token signed by " + signers.Count + " signers, but it must contain just the TSA signature.");
}
IEnumerator enumerator = signers.GetEnumerator();
enumerator.MoveNext();
tsaSignerInfo = (SignerInformation)enumerator.Current;
try
{
CmsProcessable signedContent = tsToken.SignedContent;
MemoryStream memoryStream = new MemoryStream();
signedContent.Write(memoryStream);
tstInfo = new TimeStampTokenInfo(TstInfo.GetInstance(Asn1Object.FromByteArray(memoryStream.ToArray())));
Org.BouncyCastle.Asn1.Cms.Attribute attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
if (attribute != null)
{
SigningCertificate instance = SigningCertificate.GetInstance(attribute.AttrValues[0]);
certID = new CertID(EssCertID.GetInstance(instance.GetCerts()[0]));
}
else
{
attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
if (attribute == null)
{
throw new TspValidationException("no signing certificate attribute found, time stamp invalid.");
}
SigningCertificateV2 instance2 = SigningCertificateV2.GetInstance(attribute.AttrValues[0]);
certID = new CertID(EssCertIDv2.GetInstance(instance2.GetCerts()[0]));
}
}
catch (CmsException ex)
{
throw new TspException(ex.Message, ex.InnerException);
}
}
public TimeStampToken(CmsSignedData signedData)
{
//IL_0063: Unknown result type (might be due to invalid IL or missing references)
//IL_0094: Unknown result type (might be due to invalid IL or missing references)
//IL_009a: Expected O, but got Unknown
tsToken = signedData;
if (!tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo))
{
throw new TspValidationException("ContentInfo object not for a time stamp.");
}
global::System.Collections.ICollection signers = tsToken.GetSignerInfos().GetSigners();
if (signers.get_Count() != 1)
{
throw new ArgumentException(string.Concat((object)"Time-stamp token signed by ", (object)signers.get_Count(), (object)" signers, but it must contain just the TSA signature."));
}
global::System.Collections.IEnumerator enumerator = ((global::System.Collections.IEnumerable)signers).GetEnumerator();
enumerator.MoveNext();
tsaSignerInfo = (SignerInformation)enumerator.get_Current();
try
{
CmsProcessable signedContent = tsToken.SignedContent;
MemoryStream val = new MemoryStream();
signedContent.Write((Stream)(object)val);
tstInfo = new TimeStampTokenInfo(TstInfo.GetInstance(Asn1Object.FromByteArray(val.ToArray())));
Attribute attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
if (attribute != null)
{
SigningCertificate instance = SigningCertificate.GetInstance(attribute.AttrValues[0]);
certID = new CertID(EssCertID.GetInstance(instance.GetCerts()[0]));
return;
}
attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
if (attribute == null)
{
throw new TspValidationException("no signing certificate attribute found, time stamp invalid.");
}
SigningCertificateV2 instance2 = SigningCertificateV2.GetInstance(attribute.AttrValues[0]);
certID = new CertID(EssCertIDv2.GetInstance(instance2.GetCerts()[0]));
}
catch (CmsException ex)
{
throw new TspException(((global::System.Exception)ex).get_Message(), ((global::System.Exception)ex).get_InnerException());
}
}
private void ReadInformation()
{
if (_signerInformation.SignedAttributes[PkcsObjectIdentifiers.Pkcs9AtSigningTime] != null)
{
_signingDate = DerUtcTime.GetInstance(_signerInformation.SignedAttributes[PkcsObjectIdentifiers.Pkcs9AtSigningTime].AttrValues[0]).ToDateTime().ToLocalTime();
}
if (_signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAAEtsSignerAttr] != null)
{
var signerAttr = SignerAttribute.GetInstance(_signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAAEtsSignerAttr].AttrValues[0]);
List <string> claimedRoles = new List <string>();
foreach (BcCms.Attribute claimedAttr in signerAttr.ClaimedAttributes)
{
foreach (var value in claimedAttr.AttrValues)
{
claimedRoles.Add(DerUtf8String.GetInstance(value).GetString());
}
}
_signerRoles = claimedRoles;
}
if (_signerInformation.UnsignedAttributes != null &&
_signerInformation.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken] != null)
{
_timeStamp = new TimeStampToken(new CmsSignedData(_signerInformation.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken].AttrValues[0].GetEncoded()));
}
// Se leen las contrafirmas
var signers = _signerInformation.GetCounterSignatures().GetSigners();
_counterSignatures = new List <SignerInfoNode>();
foreach (var signer in signers)
{
SignerInfoNode node = new SignerInfoNode((SignerInformation)signer, _sigDocument);
_counterSignatures.Add(node);
}
// Se intenta identificar el certificado empleado para la firma, esto quizás se pueda mejorar
byte[] certHash = null;
IssuerSerial issuerSerial = null;
if (_signerInformation.DigestAlgOid == DigestMethod.SHA1.Oid)
{
BcCms.Attribute attr = _signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
SigningCertificate sc = SigningCertificate.GetInstance(attr.AttrValues[0]);
EssCertID ecid = sc.GetCerts()[0];
issuerSerial = ecid.IssuerSerial;
certHash = ecid.GetCertHash();
}
else
{
BcCms.Attribute attr = _signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
SigningCertificateV2 sc2 = SigningCertificateV2.GetInstance(attr.AttrValues[0]);
EssCertIDv2 ecid = sc2.GetCerts()[0];
issuerSerial = ecid.IssuerSerial;
certHash = ecid.GetCertHash();
}
DigestMethod digestMethod = DigestMethod.GetByOid(_signerInformation.DigestAlgOid);
foreach (X509CertificateStructure cs in _sigDocument.Certificates)
{
if (issuerSerial == null || cs.TbsCertificate.SerialNumber.Equals(issuerSerial.Serial))
{
byte[] currentCertHash = digestMethod.CalculateDigest(cs.GetEncoded());
if (certHash.SequenceEqual(currentCertHash))
{
_certificate = new X509Certificate(cs);
break;
}
}
}
}
private void overrideAttrsTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
{
SignerInfoGeneratorBuilder signerInfoGenBuilder = new SignerInfoGeneratorBuilder();
IssuerSerial issuerSerial = new IssuerSerial(
new GeneralNames(
new GeneralName(
X509CertificateStructure.GetInstance(cert.GetEncoded()).Issuer)),
new DerInteger(cert.SerialNumber));
byte[] certHash256;
byte[] certHash;
{
Asn1DigestFactory digCalc = Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1);
IStreamCalculator calc = digCalc.CreateCalculator();
using (Stream s = calc.Stream)
{
byte[] crt = cert.GetEncoded();
s.Write(crt, 0, crt.Length);
}
certHash = ((SimpleBlockResult)calc.GetResult()).Collect();
}
{
Asn1DigestFactory digCalc = Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256);
IStreamCalculator calc = digCalc.CreateCalculator();
using (Stream s = calc.Stream)
{
byte[] crt = cert.GetEncoded();
s.Write(crt, 0, crt.Length);
}
certHash256 = ((SimpleBlockResult)calc.GetResult()).Collect();
}
EssCertID essCertID = new EssCertID(certHash, issuerSerial);
EssCertIDv2 essCertIDv2 = new EssCertIDv2(certHash256, issuerSerial);
signerInfoGenBuilder.WithSignedAttributeGenerator(new TestAttrGen(essCertID, essCertIDv2));
Asn1SignatureFactory sigfact = new Asn1SignatureFactory("SHA1WithRSA", privateKey);
SignerInfoGenerator signerInfoGenerator = signerInfoGenBuilder.Build(sigfact, cert);
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(signerInfoGenerator,
Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1), new DerObjectIdentifier("1.2"), true);
tsTokenGen.SetCertificates(certs);
TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
tsResp = new TimeStampResponse(tsResp.GetEncoded());
TimeStampToken tsToken = tsResp.TimeStampToken;
tsToken.Validate(cert);
Asn1.Cms.AttributeTable table = tsToken.SignedAttributes;
Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found");
Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificateV2], "no signingCertificateV2 attribute found");
SigningCertificate sigCert = SigningCertificate.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificate].AttrValues[0]);
Assert.IsTrue(cert.CertificateStructure.Issuer.Equals(sigCert.GetCerts()[0].IssuerSerial.Issuer.GetNames()[0].Name));
Assert.IsTrue(cert.CertificateStructure.SerialNumber.Value.Equals(sigCert.GetCerts()[0].IssuerSerial.Serial.Value));
Assert.IsTrue(Arrays.AreEqual(certHash, sigCert.GetCerts()[0].GetCertHash()));
SigningCertificate sigCertV2 = SigningCertificate.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificateV2].AttrValues[0]);
Assert.IsTrue(cert.CertificateStructure.Issuer.Equals(sigCertV2.GetCerts()[0].IssuerSerial.Issuer.GetNames()[0].Name));
Assert.IsTrue(cert.CertificateStructure.SerialNumber.Value.Equals(sigCertV2.GetCerts()[0].IssuerSerial.Serial.Value));
Assert.IsTrue(Arrays.AreEqual(certHash256, sigCertV2.GetCerts()[0].GetCertHash()));
}
